bfa863e45de5b01fe9342eebbb7e08f52d3b1a3b63d512201c959b5a04c84212

Sharing

Copy URL Twitter E-mail

General

Target

bfa863e45de5b01fe9342eebbb7e08f52d3b1a3b63d512201c959b5a04c84212
Size

13.7MB
MD5

d8cd1ab99979c4f5726baaac7cf11185
SHA1

33e4c1830347f22dc3aaadbbd88374afb5d92e17
SHA256

bfa863e45de5b01fe9342eebbb7e08f52d3b1a3b63d512201c959b5a04c84212
SHA512

452d6177b2339977516c0801e8e5ad43c3b9df7335467b3668b9ce65c3c28e73cec8e8d742f9704d5fd1a02e456589531f88ea681d062e7a4fdab71e6422f8b5
SSDEEP

393216:yzaGRzSvLmK2jBzJqn57Mvq3ON0q2+cu:AlSvLTEBzsn573ONTfcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa863e45de5b01fe9342eebbb7e08f52d3b1a3b63d512201c959b5a04c84212

Files

bfa863e45de5b01fe9342eebbb7e08f52d3b1a3b63d512201c959b5a04c84212
.exe windows:4 windows x86

e7008aba61c2fa39d2692064b58fcfdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
IsBadWritePtr

user32

GetLastActivePopup
DestroyWindow

advapi32

RegSetValueExA
RegOpenKeyExA

gdi32

GetObjectA
GetViewportExtEx

winspool.drv

ClosePrinter
ClosePrinter

comctl32

ord17
ImageList_DragMove

shlwapi

PathFindFileNameA

ws2_32

WSAStartup
ioctlsocket

version

VerQueryValueA

shell32

SHGetSpecialFolderPathA
DragFinish

ole32

OleInitialize

psapi

GetModuleInformation

oleaut32

VariantChangeType
LoadTypeLi

winmm

waveOutGetNumDevs

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7008aba61c2fa39d2692064b58fcfdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

winspool.drv

comctl32

shlwapi

ws2_32

version

shell32

ole32

psapi

oleaut32

winmm

comdlg32

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 364KB

.data Size: - Virtual size: 2.0MB

.rsrc Size: 28KB - Virtual size: 24KB

.svmp1 Size: - Virtual size: 4.1MB

.svmp2 Size: 4.8MB - Virtual size: 4.8MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.8MB - Virtual size: 5.8MB

.svmp5 Size: 16KB - Virtual size: 12KB

.svmp6 Size: 432KB - Virtual size: 431KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 364KB

.data
Size: - Virtual size: 2.0MB

.rsrc
Size: 28KB - Virtual size: 24KB

.svmp1
Size: - Virtual size: 4.1MB

.svmp2
Size: 4.8MB - Virtual size: 4.8MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

.svmp5
Size: 16KB - Virtual size: 12KB

.svmp6
Size: 432KB - Virtual size: 431KB